Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

We live in interesting times, at least from computer technology point of view. In the last couple years we change the way our backend systems function (Cloud Computing) and the way consume our front end interfaces (Mobility, the Internet of thing). It is safe to say that the technology changes we are now experiencing – will revolutionize the way we consume technology.
But the described changes are being held back, and mostly because of information security. The root cause of the slow adoption of cloud among enterprises is Trust. Challenges around transparency, compliance, standardization and immature technologies are causing lack of trust between cloud stakeholders. And this lack of trust is the number one obstacle facing cloud computing.
So it is time for innovation. There is great demand for new, innovative solutions that will fuel the engines of the industry. Cloud Computing technologies can be innovative and ground breaking, this has been proved before. Today there are many areas where innovative solution can change the way we think and provide security.
In the presentation we will discuss the future of technologies like Identity Management, Encryption, API security and Big Data platforms and evaluate where we should improve the current technologies.
Regarding encryption - we know that current technologies are limited in our options to safe guard keys in virtual environments and that we don’t have solutions for using encryption as a method to increase real multi tenancy, audit and access controls, for all data types. Encryption technology must improve at all levels, starting from key management, file level encryption (IRM solutions) and other new technologies such as Homomorfic encryptions should be developed further to be effective.

6.
• Transparency is a major step toward trust.
• Legislation and standards are placing more and more
responsibilities on the provider and consumer.
• Cloud Providers now understand that transparency is
business advantage.

7.
• EU new data protection draft contain new directives:
Cloud Provider and consumer will have to perform risk
analysis together and take appropriate measures according
to the risk.
Cloud consumer must actively monitor provider.
• Federal regulations and standard also call for actively
assessing and monitor the cloud provider services.

8.
• We lack tools that enable interaction between cloud provider
and consumer regarding assessment and audit of services.
• We need a framework that will enable consumers and cloud
providers to efficiently perform risk assessment, take
appropriate controls and continuously monitor them.

9.
• In a world of Cloud Computing, mobile and the “Internet of
Things” – Everything is API
• Cloud automation, Cloud chaining, mobile application, 3rd
party developments are all dependent on API.
• Enterprise inspire to be open and connected.
• Open API are considered great farming ground for innovation.
• According to CSA research: 29% of cloud breakdowns occur
due to insecure interfaces and API.
Source: open API state of market, John Musser

10.
• The API are the new frontend for many applications.
• The market is shifting from “secured & Complicated”
SOAP to “unsecured but simple” REST API.
• We don’t have the right technology yet for securing
hundreds and
• Innovation is required on encryption, authentication,
authorization, data leakage and intrusion prevention.
API are the new
frontend

11.
• The network is the last layer that is not virtualized yet.
• In the next two years we will the beginning of software
based data center – virtualization from the network to the
applications.
• Currently standards are being developed in order to allow
SDN and NFV to mature.
Better SLA IPv6
Better
visibility and
management
Flexibility
No more
“sitting ducks”
Faster
development
Insights on
performance

13.
• SDN can change the way we think of network security.
• SDN currently lacks any eco-system that enable security,
monitoring, governance or automation.
• Innovation is require to develop technologies that will
utilize SDN features for security.

14.
• Encryption is key factor for cloud computing.
• Encryption enable us to create trust and comply to
regulations.
• New innovations allow us to keep keys on software, and to
encrypt data in/out of the cloud.
• But we are still lacking…
Crypto
Shredding
Enabling trust
in non trusted
situation
Regulations
Logical
separation
Security Audit

18.
Identity is the new perimeter
• In the cloud based world, the traditional perimeter is
dead. The only thing that matter is who you are.
• We are facing identity challenges on every aspect –
privacy, accountability and repudiation, authentication,
authorization and more.
• The market has not find the appropriate balance between
privacy, anonymity and efficiency.
• There are many new standards but we still lack mature
identity solutions.

19.
• Identity market lacks trust between all players.
• Integrating identities –Governments, Enterprises & Identity
Provider should find their role in the eco-system.
• Identities providers should develop and integrate also
devices, applications and services.
• authentication – when will we see the end of password?

20.
Across different
cloud providers
Rely more on
hosts level
security
Replicates current
enterprise tools
Ability to adjust
when instance
moves
Identity based
tools rather them
network
Improves cloud
functionality
Data is in the
center

21.
Procurement
process becomes
central
Cloud brokerages
are growing
In IaaS you integrate security
In SaaS you Outsource it
Community and
social tools will be
a factor for
decision
Transparency will
be critical
IT will allow
services but not
manage them
Expect questions
about SDLC and
Operations